
<?php
		
	$var = @$_GET['id'] ;
	
	//connect to your database ** EDIT REQUIRED HERE **
	include('config.php');
	
	// Build SQL Query  
	//$query = "SELECT * FROM tbartifacts WHERE Title LIKE \"%$trimmed%\" OR Text LIKE \"%$trimmed%\" " ; 
	
	$query = "SELECT tbartifacts.Id AS ArtifactsId, tbartifacts.Title, tbartifacts.Text, tbartifacts_type.Name, 
	          tbartifacts_type.Id As TypeId, tbusers.Id AS AuthorId, tbusers.Name AS Author
			  FROM tbartifacts, tbartifacts_type, tbusers 
			  WHERE tbartifacts.Id = \"$var\"  
			  AND tbartifacts.Type = tbartifacts_type.Id AND tbartifacts.Author = tbusers.Id";
	
	
	
	 	
	mysql_query("set names utf8");
	 
	$numresults = mysql_query($query);
	 
	if (!$numresults) 
	{
		die('Invalid query: ' . mysql_error());
	}
					
		 
	$row = mysql_fetch_assoc($numresults);
	
	// If the Author is diferent than session user Id 
	if($row["AuthorId"] != $_SESSION['userid'])
	{
		redirect('index.php');
	}	
		
	echo ("<h>Tem certeza que deseja apagar \" ".$row["Title"]." \" ?</h>" );
	echo (" <br/><br/><br/> ");
	echo (" <form enctype='multipart/form-data' name='delForm' action='lib/del_model.php' method='post'> ");
	echo (" <input type='hidden' name='artifactsId' id='artifactsId' value='".$row["ArtifactsId"]."'  /> ");
	echo (" <input type='hidden' name='userid' id='userid' value='".$row["AuthorId"]."'  /> ");
	echo (" <input  type='submit' name='submit' value='Apagar' onclick='' />");
	echo (" <input  type='button' name='cancelar' value='Cancelar' onclick='' />");
	echo ("</form>");
	echo (" <br/><br/>");
	echo (" <a href='download.php?id=".$var."'>Cancelar</a> ");
		
	
	  
?>